Get Advice Icon

Need advice about which tool to choose?Ask the StackShare community!

Keywhiz
Keywhiz

10
20
+ 1
1
Puppet Labs
Puppet Labs

613
434
+ 1
218
Add tool

Keywhiz vs Puppet Labs: What are the differences?

Developers describe Keywhiz as "A system for distributing and managing secrets". Keywhiz is a secret management and distribution service that is now available for everyone. Keywhiz helps us with infrastructure secrets, including TLS certificates and keys, GPG keyrings, symmetric keys, database credentials, API tokens, and SSH keys for external services — and even some non-secrets like TLS trust stores. Automation with Keywhiz allows us to seamlessly distribute and generate the necessary secrets for our services, which provides a consistent and secure environment, and ultimately helps us ship faster. On the other hand, Puppet Labs is detailed as "Server automation framework and application". Puppet is an automated administrative engine for your Linux, Unix, and Windows systems and performs administrative tasks (such as adding users, installing packages, and updating server configurations) based on a centralized specification.

Keywhiz and Puppet Labs are primarily classified as "Secrets Management" and "Server Configuration and Automation" tools respectively.

Some of the features offered by Keywhiz are:

  • Keywhiz Server provides JSON APIs for accessing and managing secrets. It is written in Java and based on Dropwizard.
  • KeywhizFs is a FUSE-based file system, providing secrets as if they are files in a directory. Transparently, secrets are retrieved from a Keywhiz Server using mTLS with a client certificate.
  • Presenting secrets as files makes Keywhiz compatible with nearly all software. Outside of Keywhiz administration, consumers of secrets only have to know how to read a file.

On the other hand, Puppet Labs provides the following key features:

  • Insight- Puppet Enterprise's event inspector gives immediate and actionable insight into your environment, showing you what changed, where and how by classes, nodes and resources.
  • Discovery- Puppet Enterprise delivers a dynamic and fully-pluggable discovery service that allows you to take advantage of any data source or real-time query results to quickly locate, identify and group cloud nodes.
  • Provisioning- Automatically provision and configure bare metal, virtual, and private or public cloud capacity, all from a single pane. Save time getting your cloud projects off the ground by reusing the same configuration modules you set up for your physical deployments.

Keywhiz and Puppet Labs are both open source tools. Puppet Labs with 5.37K GitHub stars and 2.1K forks on GitHub appears to be more popular than Keywhiz with 2.09K GitHub stars and 166 GitHub forks.

What is Keywhiz?

Keywhiz is a secret management and distribution service that is now available for everyone. Keywhiz helps us with infrastructure secrets, including TLS certificates and keys, GPG keyrings, symmetric keys, database credentials, API tokens, and SSH keys for external services — and even some non-secrets like TLS trust stores. Automation with Keywhiz allows us to seamlessly distribute and generate the necessary secrets for our services, which provides a consistent and secure environment, and ultimately helps us ship faster.

What is Puppet Labs?

Puppet is an automated administrative engine for your Linux, Unix, and Windows systems and performs administrative tasks (such as adding users, installing packages, and updating server configurations) based on a centralized specification.
Get Advice Icon

Need advice about which tool to choose?Ask the StackShare community!

Why do developers choose Keywhiz?
Why do developers choose Puppet Labs?

Sign up to add, upvote and see more prosMake informed product decisions

    Be the first to leave a con
    What companies use Keywhiz?
    What companies use Puppet Labs?
      No companies found

      Sign up to get full access to all the companiesMake informed product decisions

      What tools integrate with Keywhiz?
      What tools integrate with Puppet Labs?
        No integrations found

        Sign up to get full access to all the tool integrationsMake informed product decisions

        What are some alternatives to Keywhiz and Puppet Labs?
        Vault
        Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.
        AWS Secrets Manager
        AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.
        Docker Secrets
        A container native solution that strengthens the Trusted Delivery component of container security by integrating secret distribution directly into the container platform.
        Torus CLI
        Torus simplifies the modern development workflow enabling you to store, share, and organize secrets across services and environments. With Torus, you can standardize on one tool across all environments. Map Torus to your workflows using projects, environments, services, teams, and machines.
        SecretHub
        All software needs secrets to access other resources: encryption keys, API tokens, database passwords. Helps teams deploy those application secrets to any cloud with a secure, automatic and reproducible deployment process.
        See all alternatives
        Decisions about Keywhiz and Puppet Labs
        StackShare Editors
        StackShare Editors
        Salt
        Salt
        Puppet Labs
        Puppet Labs
        Ansible
        Ansible

        By 2014, the DevOps team at Lyft decided to port their infrastructure code from Puppet to Salt. At that point, the Puppet code based included around "10,000 lines of spaghetti-code,” which was unfamiliar and challenging to the relatively new members of the DevOps team.

        “The DevOps team felt that the Puppet infrastructure was too difficult to pick up quickly and would be impossible to introduce to [their] developers as the tool they’d use to manage their own services.”

        To determine a path forward, the team assessed both Ansible and Salt, exploring four key areas: simplicity/ease of use, maturity, performance, and community.

        They found that “Salt’s execution and state module support is more mature than Ansible’s, overall,” and that “Salt was faster than Ansible for state/playbook runs.” And while both have high levels of community support, Salt exceeded expectations in terms of friendless and responsiveness to opened issues.

        See more
        Marcel Kornegoor
        Marcel Kornegoor
        CTO at AT Computing · | 5 upvotes · 212K views
        atAT ComputingAT Computing
        Linux
        Linux
        Ubuntu
        Ubuntu
        CentOS
        CentOS
        Debian
        Debian
        Red Hat Enterprise Linux
        Red Hat Enterprise Linux
        Fedora
        Fedora
        Visual Studio Code
        Visual Studio Code
        Jenkins
        Jenkins
        VirtualBox
        VirtualBox
        GitHub
        GitHub
        Docker
        Docker
        Kubernetes
        Kubernetes
        Google Compute Engine
        Google Compute Engine
        Ansible
        Ansible
        Puppet Labs
        Puppet Labs
        Chef
        Chef
        Python
        Python
        #ATComputing

        Since #ATComputing is a vendor independent Linux and open source specialist, we do not have a favorite Linux distribution. We mainly use Ubuntu , Centos Debian , Red Hat Enterprise Linux and Fedora during our daily work. These are also the distributions we see most often used in our customers environments.

        For our #ci/cd training, we use an open source pipeline that is build around Visual Studio Code , Jenkins , VirtualBox , GitHub , Docker Kubernetes and Google Compute Engine.

        For #ServerConfigurationAndAutomation, we have embraced and contributed to Ansible mainly because it is not only flexible and powerful, but also straightforward and easier to learn than some other (open source) solutions. On the other hand: we are not affraid of Puppet Labs and Chef either.

        Currently, our most popular #programming #Language course is Python . The reason Python is so popular has to do with it's versatility, but also with its low complexity. This helps sysadmins to write scripts or simple programs to make their job less repetitive and automating things more fun. Python is also widely used to communicate with (REST) API's and for data analysis.

        See more
        Interest over time
        Reviews of Keywhiz and Puppet Labs
        No reviews found
        How developers use Keywhiz and Puppet Labs
        Avatar of Cyrus Stoller
        Cyrus Stoller uses Puppet LabsPuppet Labs

        I'm using puppet to configure my servers. This makes it really simple to ensure that I have the same environment. There is a bit of a learning curve, but the repeatability definitely makes it worth the effort. I found puppet to be a little easier to pick up relative to chef, but I've used both. They're both great solutions.

        I really like that there are a lot of modules available on the puppet forge that are being actively maintained.

        Avatar of Trusted Shops GmbH
        Trusted Shops GmbH uses Puppet LabsPuppet Labs

        We provision all servers with puppet. We have one central Puppet server which uses puppet modules referenced by a Puppetfile. Those puppet modules are partly from forge and partly self written.

        All modules which are self written, have to be tested using rspec-puppet and beaker.

        Avatar of Opstax Ltd
        Opstax Ltd uses Puppet LabsPuppet Labs

        Opstax uses puppet for role/profile based configuration management and the distribution of small/static code.

        Avatar of GeniusLink
        GeniusLink uses Puppet LabsPuppet Labs

        Configures or servers and allows us to be region independent we have 5 regions across the globe.

        Avatar of Michael Wieland
        Michael Wieland uses Puppet LabsPuppet Labs

        The server is set up using Puppet

        How much does Keywhiz cost?
        How much does Puppet Labs cost?
        Pricing unavailable
        Pricing unavailable
        News about Keywhiz
        More news